Many computer-implemented applications and processes depend on cooperation between two or more computers, which communicate via a point-to-point or point-to-multipoint data network, or a distributed network of point-to-point and point-to-multipoint segments interconnected by routers and bridges. Computer interactions are often separated into two general classes, client-server and peer-to-peer, though those classes are not distinguished in the Open Systems Interconnection Basic Reference Model (“OSI Model”), a seven-layered, abstract description of the hardware, firmware and software that make distributed data processing systems possible.
In common usage, a client-server application is one where a first computer (the client) seeks out, connects to, and requests a service of a second computer (the server). Clients are often smaller or less capable machines with fewer resources, while servers are typically larger, faster and better connected, in keeping with their responsibility to provide services to many requesting clients. In a peer-to-peer system, participating computers may be of varying capabilities, and their interactions tend to further a common goal of benefit to both (or all) of the machines. Both client-server and peer-to-peer applications use the same sorts of communication facilities, which can all be localized to one level or another of the OSI model, but it is important to recognize that the different interaction profiles place different demands on the communication infrastructure, and influence network protocol design in different ways.
Security and authentication are two areas where the needs of client-server and peer-to-peer applications diverge. Of course, many applications, of both classes, can do without any sort of security or authentication (consider, for example, the great value of ordinary web servers, which serve anonymous clients and need no protection against eavesdropping). However, participants in a peer-to-peer network may wish to shield their interactions from snooping, or to enforce fairness among themselves. Similarly, some clients of some web servers may wish to establish the servers' identities with certainty and keep their interactions confidential. For example, a user of an online banking service may be concerned about an impostor server collecting his account details and password, and may not care to have his bank statement transmitted in plaintext over a wireless connection.
The protocols and techniques developed to address these (and other) situations can share certain implementation details, but the variety of different protocols in active use attests to the difficulty of designing a one-size-fits-all protocol. Indeed, even flexible, extensible protocols often fail to support certain niche applications. In these cases, a new extension (or even a new protocol) may be required.